package com.smartlbs.baseframe.interceptor;

import java.text.SimpleDateFormat;

import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;

import org.springframework.web.servlet.HandlerInterceptor;
import org.springframework.web.servlet.ModelAndView;

import com.alibaba.druid.util.StringUtils;
import com.smartlbs.baseframe.web.InitTask;
import com.smartlbs.entity.SysUser;
import com.smartlbs.entity.UserBasic;
import com.smartlbs.service.IUserBasicService;
import com.smartlbs.util.DESUtil;
import com.smartlbs.util.DateUtil;
import com.smartlbs.util.StringUtil;
/*
	管理员拦截器
*/
public class AdminLoginInterceptor implements HandlerInterceptor{

	@Override
	public void afterCompletion(HttpServletRequest arg0,
			HttpServletResponse arg1, Object arg2, Exception arg3)
			throws Exception {
	}

	@Override
	public void postHandle(HttpServletRequest arg0, HttpServletResponse arg1,
			Object arg2, ModelAndView arg3) throws Exception {
	}

	@Override
	public boolean preHandle(HttpServletRequest request, HttpServletResponse response,
			Object handle) throws Exception {
		request.setCharacterEncoding("utf-8");
		response.setContentType("text/html;charset=utf-8");
		//
		String url = request.getRequestURI();
		
		if(url.contains("adminuser/login") || url.contains("user/basic/authLogin") || url.contains("user/basic/callback") ||url.contains("views")||url.contains("getcode")){
			return true;
		}
		
		/*
		 * 获取token
		 */
		String tokenStr = request.getHeader("token");
		//
		if(StringUtil.containEmpty(tokenStr)){
			response.getWriter().println("{\"result\":998, \"message\":\"非法登录\"}");
			return false;
		}
		
		String[] tokenArr = tokenStr.split("\\&&&&");
		
		//
		String token = tokenArr[0];
		
		if(tokenArr[1].equals("mobile")){//手机端
			//
			String entryToken = DESUtil.decryptString("mot_user_token", token);
			String[] arr = entryToken.split("\\*#&");
			//
			String userId = arr[0];
			//
			IUserBasicService userBasicService = (IUserBasicService)InitTask.getSpringBean("userBasicService");
			UserBasic userBasic = userBasicService.findById(Long.parseLong(userId));
			//
			SimpleDateFormat format = new SimpleDateFormat("yyyy-MM-dd HH:mm:ss");
			//
			if(userBasic!=null){
				String keyword = userBasic.getUserId()+"*#&"+userBasic.getOpenId()+"*#&"+format.format(userBasic.getLastLogin());
				String validateToken = DESUtil.encryptString("mot_user_token", keyword);
				//
				if(!token.equals(validateToken)){
					response.getWriter().println("{\"result\":997, \"message\":\"签名不合法，请重新登录\"}");
					return false;
				}else{
					//
					long scope = DateUtil.calcTimeScope(DateUtil.getNowDateTimeString(), arr[2]);
					if(scope > 7*24*3600){
						response.getWriter().println("{\"result\":998, \"message\":\"登录状态过期，请重新登录\"}");
						return false;
					}
					//
					request.setAttribute("currentUser", userBasic);
					return true;
				}
			}else{
				response.getWriter().println("{\"result\":998, \"message\":\"登录状态过期，请重新登录\"}");
				return false;
			}
		}else{
			SysUser user=(SysUser)request.getSession().getAttribute("sysUser");
			if(user==null){
				response.getWriter().println("{\"result\":998, \"message\":\"非法登录\"}");
				return false;
			}
			return true;
		}
	}
}
